Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/XCN-WCYHE6-ULdeF0PBxEhqeXiY.roa
File:                     XCN-WCYHE6-ULdeF0PBxEhqeXiY.roa (raw, json)
Hash identifier:          hm6fK/ERXaHu3aW/k7yfZ/VBdRwAcQiH6z5w/tCkj7g=
Subject key identifier:   5C:23:7E:58:26:07:13:AF:94:2D:D7:85:D0:F0:71:12:1A:9E:5E:26
Certificate issuer:       /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial:       0191DC6A7172E9A2162F91594B3993C74E4C
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/XCN-WCYHE6-ULdeF0PBxEhqeXiY.roa
Signing time:             Tue 10 Sep 2024 14:50:48 +0000
ROA not before:           Tue 10 Sep 2024 14:50:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203
IP address blocks:        195.203.156.0/22 maxlen: 22
                          2a03:5000:1::/48 maxlen: 48
                          2a03:5000:2::/48 maxlen: 48
                          2a03:5000:11::/48 maxlen: 48
                          2a03:5000:12::/48 maxlen: 48
                          2a03:5000:20::/48 maxlen: 48
                          2a03:5000:21::/48 maxlen: 48
                          2a03:5000:22::/48 maxlen: 48
                          2a03:5000:30::/48 maxlen: 48
                          2a03:5000:31::/48 maxlen: 48
                          2a03:5000:32::/48 maxlen: 48
                          2a03:5000:41::/48 maxlen: 48
                          2a03:5000:42::/48 maxlen: 48
                          2a03:5000:51::/48 maxlen: 48
                          2a03:5000:52::/48 maxlen: 48
                          2a03:5000:61::/48 maxlen: 48
                          2a03:5000:62::/48 maxlen: 48
                          2a03:5000:71::/48 maxlen: 48
                          2a03:5000:72::/48 maxlen: 48
                          2a03:5000:81::/48 maxlen: 48
                          2a03:5000:82::/48 maxlen: 48
                          2a03:5000:91::/48 maxlen: 48
                          2a03:5000:92::/48 maxlen: 48
                          2a03:5000:101::/48 maxlen: 48
                          2a03:5000:102::/48 maxlen: 48
                          2a03:5000:111::/48 maxlen: 48
                          2a03:5000:112::/48 maxlen: 48
                          2a03:5000:121::/48 maxlen: 48
                          2a03:5000:122::/48 maxlen: 48
                          2a03:5000:131::/48 maxlen: 48
                          2a03:5000:132::/48 maxlen: 48
                          2a03:5000:141::/48 maxlen: 48
                          2a03:5000:142::/48 maxlen: 48
                          2a03:5000:151::/48 maxlen: 48
                          2a03:5000:152::/48 maxlen: 48
                          2a03:5000:161::/48 maxlen: 48
                          2a03:5000:162::/48 maxlen: 48
                          2a03:5000:171::/48 maxlen: 48
                          2a03:5000:172::/48 maxlen: 48
                          2a03:5000:181::/48 maxlen: 48
                          2a03:5000:182::/48 maxlen: 48
                          2a03:5000:191::/48 maxlen: 48
                          2a03:5000:192::/48 maxlen: 48
                          2a03:5000:201::/48 maxlen: 48
                          2a03:5000:202::/48 maxlen: 48
                          2a03:5000:211::/48 maxlen: 48
                          2a03:5000:212::/48 maxlen: 48
                          2a03:5000:221::/48 maxlen: 48
                          2a03:5000:222::/48 maxlen: 48
                          2a03:5000:231::/48 maxlen: 48
                          2a03:5000:232::/48 maxlen: 48
                          2a03:5000:241::/48 maxlen: 48
                          2a03:5000:242::/48 maxlen: 48
                          2a03:5000:251::/48 maxlen: 48
                          2a03:5000:252::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 10 Sep 2024 18:35:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:dc:6a:71:72:e9:a2:16:2f:91:59:4b:39:93:c7:4e:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
        Validity
            Not Before: Sep 10 14:50:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5c237e58260713af942dd785d0f071121a9e5e26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:1f:3a:f8:62:a1:3e:b7:3c:22:b6:a0:f5:20:
                    18:e4:0c:13:fc:08:81:a4:02:b8:27:ab:88:a1:57:
                    b2:ce:fd:ac:0d:1a:56:c0:f0:88:b2:d1:9c:b4:d9:
                    4f:08:7d:17:29:a9:04:85:2b:88:02:b7:53:fa:15:
                    85:9c:a4:34:cf:70:72:84:f8:9c:11:a7:89:5d:05:
                    4f:14:f2:c5:0f:a8:c4:e7:d9:94:22:ec:4d:d2:09:
                    66:1c:e0:36:2b:ba:a1:a7:f7:a5:88:05:d0:a2:af:
                    6e:e2:9d:91:d1:b1:7d:4e:c2:3f:80:18:60:a0:a5:
                    6d:c8:4a:b5:de:3f:d7:ad:49:f9:5d:b4:1e:47:e0:
                    a0:e3:a7:98:54:dd:d3:d5:36:ba:a8:72:97:70:e5:
                    e8:85:4f:db:64:87:76:a6:a6:92:20:5a:e8:14:85:
                    c5:57:c1:70:77:5a:09:dd:0b:ba:d3:88:77:40:d8:
                    b9:ce:96:ef:b0:5a:41:7d:78:3f:7a:b0:98:b9:10:
                    e8:41:61:f4:fe:c2:31:47:31:1b:21:31:f6:be:7e:
                    59:24:f4:fe:3c:f0:08:93:c9:15:bb:2e:96:bf:a5:
                    0a:c0:5c:12:75:47:55:f0:b9:46:ac:1f:ed:5f:b9:
                    7b:f5:c2:12:fc:06:7f:d9:36:1e:d7:bf:f9:e9:0c:
                    e8:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:23:7E:58:26:07:13:AF:94:2D:D7:85:D0:F0:71:12:1A:9E:5E:26
            X509v3 Authority Key Identifier:
                keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/XCN-WCYHE6-ULdeF0PBxEhqeXiY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.203.156.0/22
                IPv6:
                  2a03:5000:1::-2a03:5000:2:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:11::-2a03:5000:12:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:20::-2a03:5000:22:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:30::-2a03:5000:32:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:41::-2a03:5000:42:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:51::-2a03:5000:52:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:61::-2a03:5000:62:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:71::-2a03:5000:72:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:81::-2a03:5000:82:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:91::-2a03:5000:92:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:101::-2a03:5000:102:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:111::-2a03:5000:112:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:121::-2a03:5000:122:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:131::-2a03:5000:132:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:141::-2a03:5000:142:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:151::-2a03:5000:152:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:161::-2a03:5000:162:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:171::-2a03:5000:172:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:181::-2a03:5000:182:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:191::-2a03:5000:192:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:201::-2a03:5000:202:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:211::-2a03:5000:212:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:221::-2a03:5000:222:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:231::-2a03:5000:232:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:241::-2a03:5000:242:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:251::-2a03:5000:252:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         d1:83:03:04:3b:c9:9c:94:10:6e:d6:95:2e:5e:d0:af:a8:88:
         63:7f:e8:b3:af:23:3f:f5:a7:e7:2a:28:51:65:0f:a5:81:fd:
         72:06:43:64:51:fd:19:9b:f3:20:13:45:cf:57:2d:45:f2:32:
         e5:59:85:ab:5d:ab:fb:e0:f3:01:8b:84:05:01:bd:e8:74:7b:
         61:b0:5d:87:7f:81:de:cd:c1:46:b5:55:aa:64:e7:45:58:65:
         64:5d:1d:02:ff:91:8b:00:23:55:46:cb:a5:10:6e:f6:bc:55:
         3b:69:75:19:34:43:f7:b8:36:3c:e7:ce:3a:11:36:63:13:de:
         7e:07:66:35:da:c4:00:c9:31:36:ff:5a:84:49:6e:7a:9a:8b:
         f7:e0:37:3a:43:8d:1a:15:e7:85:91:80:c5:e2:44:55:58:9c:
         5e:4b:bb:2b:c0:6a:6f:56:c3:b5:09:c7:18:db:fe:b2:b1:91:
         ff:9d:e4:fb:30:88:5f:50:a3:91:d7:5f:46:06:da:64:27:f9:
         da:c9:17:e7:a9:37:95:d8:ef:10:a3:43:ea:1c:46:3d:71:54:
         44:60:22:21:f5:9d:b9:16:49:a2:b1:dd:bb:c7:c4:19:b2:b6:
         82:8f:78:82:cf:3f:61:60:25:47:03:7a:05:60:c7:b7:74:6e:
         f1:90:02:b8
-----BEGIN CERTIFICATE-----
MIIHFzCCBf+gAwIBAgISAZHcanFy6aIWL5FZSzmTx05MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjQwOTEwMTQ1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzIzN2U1ODI2MDcxM2FmOTQyZGQ3ODVkMGYwNzExMjFhOWU1ZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB86+GKhPrc8Irag9SAY5AwT/AiB
pAK4J6uIoVeyzv2sDRpWwPCIstGctNlPCH0XKakEhSuIArdT+hWFnKQ0z3ByhPic
EaeJXQVPFPLFD6jE59mUIuxN0glmHOA2K7qhp/eliAXQoq9u4p2R0bF9TsI/gBhg
oKVtyEq13j/XrUn5XbQeR+Cg46eYVN3T1Ta6qHKXcOXohU/bZId2pqaSIFroFIXF
V8Fwd1oJ3Qu604h3QNi5zpbvsFpBfXg/erCYuRDoQWH0/sIxRzEbITH2vn5ZJPT+
PPAIk8kVuy6Wv6UKwFwSdUdV8LlGrB/tX7l79cIS/AZ/2TYe17/56QzodwIDAQAB
o4IEIzCCBB8wHQYDVR0OBBYEFFwjflgmBxOvlC3XhdDwcRIanl4mMB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEvWENOLVdDWUhFNi1VTGRlRjBQQnhFaHFlWGlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli
LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICNwYIKwYBBQUHAQcBAf8EggImMIICIjAMBAIAATAGAwQC
w8ucMIICEAQCAAIwggIIMBIDBwAqA1AAAAEDBwAqA1AAAAIwEgMHACoDUAAAEQMH
ACoDUAAAEjASAwcFKgNQAAAgAwcAKgNQAAAiMBIDBwQqA1AAADADBwAqA1AAADIw
EgMHACoDUAAAQQMHACoDUAAAQjASAwcAKgNQAABRAwcAKgNQAABSMBIDBwAqA1AA
AGEDBwAqA1AAAGIwEgMHACoDUAAAcQMHACoDUAAAcjASAwcAKgNQAACBAwcAKgNQ
AACCMBIDBwAqA1AAAJEDBwAqA1AAAJIwEgMHACoDUAABAQMHACoDUAABAjASAwcA
KgNQAAERAwcAKgNQAAESMBIDBwAqA1AAASEDBwAqA1AAASIwEgMHACoDUAABMQMH
ACoDUAABMjASAwcAKgNQAAFBAwcAKgNQAAFCMBIDBwAqA1AAAVEDBwAqA1AAAVIw
EgMHACoDUAABYQMHACoDUAABYjASAwcAKgNQAAFxAwcAKgNQAAFyMBIDBwAqA1AA
AYEDBwAqA1AAAYIwEgMHACoDUAABkQMHACoDUAABkjASAwcAKgNQAAIBAwcAKgNQ
AAICMBIDBwAqA1AAAhEDBwAqA1AAAhIwEgMHACoDUAACIQMHACoDUAACIjASAwcA
KgNQAAIxAwcAKgNQAAIyMBIDBwAqA1AAAkEDBwAqA1AAAkIwEgMHACoDUAACUQMH
ACoDUAACUjANBgkqhkiG9w0BAQsFAAOCAQEA0YMDBDvJnJQQbtaVLl7Qr6iIY3/o
s68jP/Wn5yooUWUPpYH9cgZDZFH9GZvzIBNFz1ctRfIy5VmFq12r++DzAYuEBQG9
6HR7YbBdh3+B3s3BRrVVqmTnRVhlZF0dAv+RiwAjVUbLpRBu9rxVO2l1GTRD97g2
POfOOhE2YxPefgdmNdrEAMkxNv9ahEluepqL9+A3OkONGhXnhZGAxeJEVVicXku7
K8Bqb1bDtQnHGNv+srGR/53k+zCIX1CjkddfRgbaZCf52skX56k3ldjvEKND6hxG
PXFURGAiIfWduRZJorHdu8fEGbK2go94gs8/YWAlRwN6BWDHt3Ru8ZACuA==
-----END CERTIFICATE-----
Generated at Tue Sep 10 19:38:25 2024 by rpki-client on console-fra.rpki-client.org